In this activity, you will practice analyzing a TCP/IP network topology using the GNS3 network simulator.
On the dock at the bottom of the screen, click the Terminal icon to open a new Terminal window.
At the command prompt, type gns3 & and press Enter to open GNS3 in the background. When GNS3 opens, you will be asked to create a project or open an existing project.
In the Project window, click the Projects library tab, then select the IP Address Basics project and click OK. When prompted, click No to skip the update check. GNS3 will open the IP Address Basics lab topology. You will see a large window in the center (the topology window) showing four Linux hosts, two switches, and a router.
On the GNS3 control bar, click the Start button (the large green arrow) to power on all devices. When prompted, click Yes to continue. In the GNS3 topology window, you will see all connections turn green, indicating the hosts are powered on and connected to the network.
In the GNS3 topology window, right-click Linux-1 and select Console from the context menu.
Restore the Terminal window. You should now see a new tab titled Linux-1.
In the terminal window, on the Linux-1 tab, type ifconfig and press Enter to display the network configuration for the Linux-1 host.
You should see two network interfaces: eth0 (the primary network interface for this Linux system) and lo (a loopback interface, which is a virtual interface used by the operating system to communicate with itself). Take note of the MAC address (HWaddr), IP Address (inet addr), and the Subnet Mask (Mask) for the eth0 interface. Because the subnet mask is 255.255.255.0, we know that the first three octets are the network address, and the last octet is the host address. Thus, this is the 192.168.0.10 host on the 192.168.0.0/24 network. Note: Because this is a virtual environment, the MAC addresses will change every time GNS3 restarts the network. MAC addresses do not change in the real world, although many devices (such as smartphones) are capable of spoofing their MAC addresses for privacy reasons.
Repeat the above command on Linux-2, Linux-3, and Linux-4. Take note of the IP Address and subnet mask on Linux-3. You will need this information to answer one of the questions on the Tasks tab.
In the terminal window, on the Linux-1 tab, type ip a and press Enter to display the network configuration on the Linux-1 host.
The ip a command has replaced the ifconfig command on many modern Linux systems. Notice that you see similar information to the output of the ifconfig command, but that ip a uses slash notation to express the subnet mask.
In the terminal window, on the Linux-1 tab, type netstat -r and press Enter to display the kernel IP routing table.
You should see that the default gateway is 192.168.0.1. Any IP traffic not destined for the local network is sent to the default gateway (router). The router then forwards the packet to the correct network or onward to another router.
Repeat step 10 on Linux-2, Linux-3, and Linux-4 to look up the default gateway for each host.
In the terminal window, on the Linux-1 tab, type cat /etc/network/interfaces and press Enter to display the full Linux network configuration file. The section that matters is under the comment # Static config for eth0. This is where the network configuration is defined.
Note: If the gateway is misconfigured in /etc/network/interfaces it will not appear as a default gateway using netstat -r.
Review the /etc/network/interfaces file on Linux-2, Linux-3, and Linux-4. The first step in troubleshooting a network issue is to ensure the default gateway is correct and to test connectivity to that gateway. In the next steps, you will practice testing the connectivity between Linux-1 and the 192.168.0.1 gateway. Take of the flag hidden in the Linux-2 /etc/network/interfaces file. You will need this information to answer one of the questions on the Tasks tab.
In the terminal window, on the Linux-1 tab, type ping -c 4 192.168.0.1 and press Enter to test connectivity to the default gateway.
Test connectivity to the default gateway on Linux-2, Linux-3, and Linux-4. Be sure to use the correct gateway for each network. If a host has the correct IP address, subnet mask, and gateway, it should be able to reach any other host the router can. Our router sits between two networks: 192.168.0.0/24 and 192.168.1.0/24. Thus, any correctly configured host on 192.168.0.0/24 should be able to reach hosts in 192.168.1.0/24 and vice-versa.
In the terminal window, on the Linux-1 tab, type ping -c 4 192.168.1.10 and press Enter to test connectivity to the 192.168.1.0/24 network.
In the GNS3 topology window, right-click the Router and select Stop from the context menu. You will see the connection indicators on the Router turn red. Without a gateway (router), network 192.168.0.0/24 should not be able to reach network 192.168.1.0/24.
In the terminal window, on the Linux-1 tab, type ping -c 4 192.168.1.10 and press Enter to test connectivity to the 192.168.1.0/24 network. You should find that you can no longer reach the 192.168.1.0/24 network.
In the GNS3 topology window, right-click the Router and select Start. You should see the connection indicators on the Router turn green. Wait a few seconds after you power up the router before proceeding to the next step.
In the terminal window, on the Linux-1 tab, type ping -c 4 192.168.1.10 and press Enter to test connectivity to the 192.168.1.0/24 network. Connectivity should now be restored. Now, let's shift our focus to local subnet traffic and ARP. First, you will toggle the power on the network to reset the devices.
On the GNS3 control bar, click the Stop button (the large red box) to power off all devices. When prompted, click Yes to continue. In the GNS3 topology window, you will see that all connections turn red (except for the switches, which are always green), indicating the hosts are powered off. This action will close the Linux-1, Linux-2, Linux-3, and Linux-4 tabs in the terminal window.
On the GNS3 control bar, click the Start button to power on all devices. When prompted, click Yes to continue.
In the GNS3 topology window, right-click Linux-1 and select Console from the context menu. As before, a new tab called Linux-1 will open in your existing terminal window.
In the terminal window, on the Linux-1 tab, type arp -a to display all cached ARP entries. We have not made any networking requests yet, so there will be nothing in the ARP cache.
On the Linux-1 tab, type ping -c 4 192.168.0.20 and press Enter to test connectivity to Linux-2 on the local subnet. Linux-1 will first send an ARP request to all hosts on the 192.168.0.0/24 network (using a Broadcast). Linux-2 will answer with its MAC address. Lastly, Linux-1 will create a MAC to IP mapping that will cache for some time.
On the Linux-1 tab, type arp -a and take note of the ARP cache.
In the GNS3 topology window, right-click Linux-2, and select Console from the context menu. As before, a new tab called Linux-2 will open in your existing terminal window.
In the terminal window, on the Linux-2 tab, type ifconfig and press Enter to confirm Linux-2's MAC address and compare it to the MAC address found in Linux-1's ARP cache.
Note: The ifconfig command will display the MAC address in all caps, whereas ARP stores the MAC address using lowercase letters. MAC addresses are not case-sensitive.
In the terminal window, on the Linux-1 tab, type ping -c 4 192.168.1.10 and press Enter to test connectivity to the 192.168.1.10 host in the 192.168.1.0/24 network.
On the Linux-1 tab, type arp -a and take note of the ARP cache. Is this what you expected? Remember, ARP is only for local addresses.
From Linux-1, ping 192.168.1.20, then check the ARP cache. Did it change? Should it have? Take note of the IP addresses and MAC addresses related to the 192.168.1.0/24 network stored in the ARP cache. You will need this information to answer one of the questions on the Tasks tab.
On the GNS3 control bar, click the Stop button to power off all devices. When prompted, click Yes to continue.
Right-click the connection between Linux-1 and Switch-1 and select Start Capture to open a Wireshark session on this network link.
When prompted, click OK to continue.
In Wireshark, type arp in the display filter field and press Enter to filter for ARP traffic only.
On the GNS3 control bar, click the Start button to power on all devices. When prompted, click Yes to continue.
In the GNS3 topology window, right-click Linux-1 and select Console from the context menu.
In the terminal window, on the Linux-1 tab, type ping -c 4 192.168.0.20 and press Enter to ping the Linux-2 device. In Wireshark, you should see that Linux-1 with MAC f6:46:2f:cc:20:19 sends a Broadcast message. All hosts and devices on the local subnet can see a Broadcast message. Next, Linux-2 (MAC b2:2d:3d:a7:50:56) replies to Linux-1 with its MAC address. Notice that Linux-2 then makes its own ARP request for Linux-1's MAC address. This request is made because Linux-2 assumes more traffic to and from Linux-1 will be forthcoming.
Note: Remember - because this is a virtual environment, the MAC addresses will change every time GNS3 restarts the network.
In the terminal window, on the Linux-1 tab, type ping -c 4 192.168.1.10 and press Enter to ping the Linux-3 device. In the Wireshark window, notice that Linux-1 again sends a Broadcast message looking for the MAC address of the default gateway. The Router responds with its MAC address and then makes its own request for Linux-1's MAC address. Take note of the total number of ARP requests made in the last two steps. You will need this information to answer one of the questions on the Tasks tab. This concludes the guided exercise. Be sure to answer the questions on the Tasks tab, then proceed to the challenge exercise.